// jwt 权限校验  
// jwt ： json web token ，判断接口是否有操作权限的；
const express = require("express");
const static = express.static;
const jwt = require("jsonwebtoken");
let app = express();
app.use(static(__dirname + "/static"));

const router = express.Router();

router.post("/checkUser", (req, res, next) => {
  let { username, pwd } = req.body;
  if (username === "张三" && pwd === "123") {
    let token = jwt.sign({
      myname: "hello"
    }, "mysecret", { expiresIn: "2h" });

    res.json({
      info: "用户名和密码正确",
      status: 1,
      token
    });
  } else {
    res.json({
      info: "用户名或者密码错误",
      status: 0
    });
  }
});

module.exports = router;
